package tech.jabari.user.controller;

import tech.jabari.constants.UMSConstant;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

import static tech.jabari.constants.UMSConstant.ACCESS_DENY_URL;


@WebServlet("/welcome.action")
public class WelcomeServlet extends HttpServlet {
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

    }

    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        // 获取session对象
        HttpSession session = request.getSession();
        // 获取session对象中的key的值。
        Object keyObj = session.getAttribute(UMSConstant.WELCOME_URL_KEY);
        //todo:1.权限限制：必须是登录用户才可以访问
        /*String key = request.getParameter("key");*/
        String key = null;
        if (keyObj != null) {
            key = keyObj.toString();
        }
        if (null == key || !UMSConstant.WELCOME_CAN_ACCESS.equals(key)) {
            System.out.println("----------非法访问！！！");
//            response.sendRedirect("/welcome.html?msg=invalid");
            response.sendRedirect(ACCESS_DENY_URL);
            return;
        }

        response.sendRedirect("/welcome.html");
    }
}
